libvorbis: CVE-2017-14633
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633 (From OE-Core rev: f398fb04549577922e6265c0969c6d6c35a11e7c) Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Please register or sign in to comment